[Users] Is there a fix yet for : 8.8.12 Patch 3 breaks inline signatures and creates multiple attachments
L Mark Stone
lmstone at lmstone.com
Thu Jun 27 14:34:53 CEST 2019
I am not a programmer, but as I understand it the owasp sanitizer protects against cross site scripting attacks.
The inline attachment problem is incredibly annoying it is true, but if my understanding is correct I’d rather deal with the inline attachment problem rather than expose my Zimbra servers to an XSS exploit.
Perhaps someone who understands this better can provide greater clarity?
___________________________
L. Mark Stone
Sent from my iPhone
> On Jun 27, 2019, at 8:14 AM, David Touitou <david at network-studio.com> wrote:
>
> Hi,
>
> just seen that on the US forum, disabling the new HTML sanitizer "fixes" the problem (until a better resolution).
>
> "As a workaround please do the following on all mailbox servers
> zmlocalconfig -e zimbra_use_owasp_html_sanitizer=FALSE
> zmmailboxdctl restart"
>
> David
More information about the Users
mailing list